GDPR – or the General Data Protection Regulation – is a major piece of legislation that comes into effect on 25 May 2018. It aims to bring a standardised and more rigorous approach to data protection throughout the EU. Furthermore, its impact extends to any organisation that handles EU citizens’ data, meaning international companies doing any trade with the EU are likely to also be affected.
HR and Finance professionals will both want to take steps now to ensure their organisations are fully prepared for GDPR. On the financial side, there are fines of €20m or 4% of global turnover (whichever is the larger) for non-compliance, meaning the issue is likely to be firmly on the radar of your CFO. From a practical point of view, HR is one of the departments with the most to do to ensure the business is ready in time for the GDPR deadline.
With this in mind, we’ve been scouring the web to find some of the best resources for HR and Finance professionals wanting to get a fuller understanding of GDPR and eager to get a checklist of actions that they should be taking. Grab yourself a coffee and take a few minutes to devour the following excellent articles on preparing for GDPR.
GDPR resources for HR professionals
Barry Stanton, Partner at law firm Boyes Turner, looks at both the risks and the opportunities that GDPR presents in his piece for Personnel Today. He argues that “while the GDPR brings risks and eye-watering penalties for non-compliance, it also brings great opportunities for firms that use it to build a healthier, more effective relationship of trust with customers and employees.”
Jean Bell, People and Talent expert at PA Consulting, shares six actions that HR professionals need to be getting on with now and stresses that “GDPR boils down to changing the behaviours of everyone in the organisation. It’s not the sole responsibility of Data Protection Officers. So you really need to be proactive about changing culture. And recognise that all this takes time and constant enforcement. If you don’t start now, you may run out of time to address issues that arise.”
Mika Javanainen, Vice President of Product Management at M-Files Corporation, shares 10 things for HR to know about GDPR in his post for HRExaminer and stresses that “Given the vast amounts of employee-related files, documents and personal data that HR departments frequently deal with on a daily basis, the significance of the GDPR cannot be underestimated.”
GDPR – further reading for Finance professionals
Huw Beverley-Smith, Partner of law firm Faegre Baker Daniels, takes a look at the organisational changes and investment needed to ensure compliance in his piece for FinancialDirector. His ten-step approach to preparing your business for GDPR will give you a high-level view of where your company currently stands and where your deficiencies lie.
Last but not least, Rav Hayer and James Drury-Smith of PwC present 10 ways financial services organisations are preparing for the GDPR. These recommendations are based on PwC’s experiences of working with clients across the FS industry to prepare for the GDPR and summarise some of the key considerations in the journey towards readiness. They stress that “It is not enough to simply understand the headline requirements of the GDPR. What is more important is understanding what the GDPR is intended to achieve and what the real risk issues are for your organisation”, with the message being all too clear that “The GDPR will result in widescale data privacy transformation requirements across every organisation.”
We hope this roundup has given you some reassurance about the state of readiness of your business for the challenges that GDPR represents or, at the very least, has helped you identify the shortcomings that you now need to urgently address. Should you need to hire in additional staff to plug any gaps you’ve now identified, please feel free to reach out and the Howarth Morris team would be happy to help.